Hey there!
Secureblue is a project we should keep an eye on. They do quite some things that make total sense, in some others they may break things.
They removed a lot of setuid
binaries:
They also remove:
su
sudo
pkexec
chsh
Personal experience
I personally have encountered edge cases when using rsync
with run0
instead of sudo
.
But apart from that, I now use run0
exclusively. My main account has no wheel
anymore, and I have a second sysadm_u
user in the wheel
group. Works perfectly with run0
, for example
- KDE partition manager
kio-admin
in Dolphin- Kate Editor
Impact
pkexec
should be replaceable with run0
as it works exactly the same afaik. sudo
has a cooldown timer and configs, which is pretty different.
Afaik su
and chsh
provide features, can their features be replaced?